Created Setting up Drupal 7 (markdown)

2018-01-14 15:19:21 +02:00 · 2018-01-14 15:19:21 +02:00 · 211b80a433
parent 904b236347
commit 211b80a433
1 changed files with 252 additions and 0 deletions
--- a/Setting-up-Drupal-7.md
+++ b/Setting-up-Drupal-7.md
@ -0,0 +1,252 @@
+In this guide we are setting up *Drupal 7* with *php-fpm* and *Nginx*
+
+## Prerequisites
+
+* A DNS record:
+   ```
+   cms.example.com.	69	IN	A	2.2.2.2
+   ```
+
+* A Debian 9.3 (stretch) instance (ami-b9fa4cc1)
+
+* Make the hostname persistent on the instance, by creating the file */etc/cloud/cloud.cfg.d/99_hostname.cfg*:
+    ```
+    #cloud-config
+    hostname: cms
+    fqdn: cms.example.com
+    ```
+
+## Installing dependencies
+
+**NOTE:The following commands are executed under a privileged *admin* user, unless otherwise stated.**
+
+```
+$ sudo apt -y install php-apcu php-pear php7.0-fpm php7.0-cli php7.0-gd php7.0-mysql php7.0-xml php7.0-mbstring php7.0-curl nginx
+```
+
+## Install Drupal 7
+
+Create a user for the website and switch to it:
+
+```
+$ sudo useradd -s /bin/bash -d /srv/webadmin -m webadmin
+$ sudo su - webadmin
+```
+
+Download Drupal 7:
+
+```
+$ wget https://ftp.drupal.org/files/projects/drupal-7.56.tar.gz
+```
+
+Extract Drupal 7
+
+```
+$ tar xvzf drupal-7.56.tar.gz 
+```
+
+Rename the destination folder to *cms*:
+
+```
+$ mv drupal-7.56/ cms
+```
+
+## Setup Nginx
+
+Exit back to the *admin* user and prepare the CMS Virtualhost (Create the */etc/nginx/sites-available/cms* file):
+
+```
+server {
+        server_name cms.example.com;
+        root /srv/webadmin/cms;
+ 
+        access_log /var/log/nginx/cms.example.com.access.log;
+        error_log  /var/log/nginx/cms.example.com.error.log info;
+ 
+        index index.php;
+ 
+        location = /favicon.ico {
+                log_not_found off;
+                access_log off;
+        }
+ 
+        location = /robots.txt {
+                allow all;
+                log_not_found off;
+                access_log off;
+        }
+ 
+        # This matters if you use drush
+        location = /backup {
+                deny all;
+        }
+ 
+        # Very rarely should these ever be accessed outside of your lan
+        location ~* \.(txt|log)$ {
+                allow 127.0.0.1;
+                deny all;
+        }
+ 
+        location ~ \..*/.*\.php {
+                return 403;
+        }
+ 
+        location / {
+                # This is cool because no php is touched for static content
+                try_files $uri $uri/ @rewrite;
+                expires max;
+        }
+ 
+        location @rewrite {
+                # Some modules enforce no slash (/) at the end of the URL
+                # Else this rewrite block wouldn&#39;t be needed (GlobalRedirect)
+                rewrite ^/(.*)$ /index.php?q=$1;
+        }
+ 
+        location ~ \.php$ {
+                include fastcgi_params;
+                fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+                fastcgi_intercept_errors on;
+                fastcgi_pass unix:/var/run/php/php7.0-fpm.sock;
+        }
+ 
+}
+```
+
+Enable the *cms* virtualhost and disable the *default* (switch back to the *admin* user):
+
+```
+$ cd /etc/nginx/sites-enabled/
+$ sudo ln -s ../sites-available/cms
+$ sudo rm default
+```
+
+Verify the configuration:
+
+```
+$ sudo nginx -t
+nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
+nginx: configuration file /etc/nginx/nginx.conf test is successful
+```
+
+The configuration is free from syntax errors. We can go ahead and restart *Nginx*and *PHP-FPM* :
+
+```
+$ sudo systemctl restart nginx.service php7.0-fpm.service
+```
+
+## Enable HTTPS with Let's Encrypt
+
+Install *Certbot*:
+
+```
+$ sudo apt -y install python-certbot-nginx
+```
+
+Generate the certificate:
+
+```
+sudo certbot --authenticator standalone --installer nginx -d cms.theo-andreou.org --pre-hook "systemctl stop nginx" --post-hook "systemctl start nginx"
+```
+
+**NOTE: under normal conditions the following command should work (and without restarting *Nginx*, but the Nginx authenticator has been disabled because of a [security bug](https://community.letsencrypt.org/t/solution-client-with-the-currently-selected-authenticator-does-not-support-any-combination-of-challenges-that-will-satisfy-the-ca/49983):**
+
+```
+$ certbot run --nginx -d cms.example.com # Currently not working because of a letsencrypt bug
+```
+
+Use these settings in the prompt:
+* Enter Email Address: **admin@example.com**
+* ToS: **Agree**
+* HTTPS Access: **Secure**
+
+Certificate auto-renewal is already included in the *python-certbot-nginx* package. That is true for Debian but not Ubuntu:
+
+```
+$ cat /etc/cron.d/certbot
+# /etc/cron.d/certbot: crontab entries for the certbot package
+#
+# Upstream recommends attempting renewal twice a day
+#
+# Eventually, this will be an opportunity to validate certificates
+# haven't been revoked, etc.  Renewal will only occur if expiration
+# is within 30 days.
+SHELL=/bin/sh
+PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
+
+0 */12 * * * root test -x /usr/bin/certbot -a \! -d /run/systemd/system && perl -e 'sleep int(rand(3600))' && certbot -q renew
+```
+
+## Setup a MariaDB database
+
+Install *MariaDB*:
+
+```
+$ sudo apt -y install mariadb-server
+```
+
+Now create the Drupal database:
+
+```
+$ sudo mysql
+
+MariaDB [(none)]> CREATE DATABASE cms CHARACTER SET = utf8mb4 COLLATE = utf8mb4_unicode_ci;
+MariaDB [(none)]> GRANT ALL PRIVILEGES ON cms.* TO 'cmsuser'@'localhost' IDENTIFIED BY 'MyDrupalDBPass';
+MariaDB [(none)]> FLUSH PRIVILEGES;
+```
+
+## Setup Drupal 7
+
+We need some preparations before we proceed with the setup.
+
+First create the *sites/default/files* directory (as the *admin* user):
+
+```
+$ cd /srv/webadmin/cms/
+$ sudo mkdir sites/default/files
+$ sudo chown www-data:webadmin sites/default/files
+```
+
+Then create the *sites/default/default.settings.php* file:
+
+```
+$ sudo cp sites/default/default.settings.php sites/default/settings.php
+$ sudo chown www-data:webadmin sites/default/settings.php
+```
+
+Now visit this website to setup *Drupal*:
+
+https://cms.example.com/install.php
+
+Select the following options:
+* Select an installation profile: **Standard**
+* Choose language: **English**
+* Verify requirements
+    You will be redirected to the next step if all is OK. Otherwise you will need to fix your setup.
+* Database configuration:
+    * Database name: **cms**
+    * Database username: **cmsuser**
+    * Database password: **MyDrupalDBPass**
+* Configure site:
+    * Site name: **cms.example.com**
+    * Site e-mail address: **cms@example.com**
+    * Username: **cmsadmin**
+    * E-mail address: **admin@example.com**
+    * Password: **MyDrupalAdminPass**
+    * Confirm Password: **MyDrupalAdminPass**
+    * Default country: **Your country here**
+    * Default Timezone: **Your Timezone here**
+    * Check for updates automatically: **Enabled**
+    * Receive e-mail notifications: **Enabled**
+
+If everything is correct you will be greeted with a "Congratulations, you installed Drupal!" after you press the **Save and continue** button.
+
+You can visit your newly installed Drupal CMS here:
+
+https://cms.example.com
+
+References
+----------
+* https://www.drupal.org/node/1030854
+* http://blog.celogeek.com/201209/202/how-to-configure-nginx-php-fpm-drupal-7-0/
+* https://www.drupal.org/node/244924